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DETAILED ACTION 

1 . Claims 1 -22, 24, 25, 27, 56-64, 66-76, and 79-83 remain for examination 
correspondence filed 9/4/08 amended claims 1 and 56. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 8/1 9/08, 9/4/08, 
9/22/08, and 10/20/08 have all been considered by the Examiner. 

Response to Arguments 

3. Applicant's arguments filed 9/4/08 have been fully considered but they are not 
persuasive. Applicant argues, 

But Applicant respectfully disputes Best's assertion that his hybrid circuit would perform 
as a whole like a conventional microprocessor except for the fact that the program it 
executes is in cipher, for Best does not address any performance attributes whatsoever. 
Thus, one skilled would conclude from Best's teaching is that one technique for 
protecting a program's contents from tampering would be to encipher the program, store 
it in memory, and employ a hybrid circuit as described above to execute the program - 
that is, if timely execution of the program were of no consequence. 

Insofar as the claimed invention is concerned, the performance of the hybrid 

microprocessor - i.e. whether it can decrypt executable code in a timely fashion - is of 

no consequence as there is no claim limitation that would place any limits or constraints 

on the microprocessor's ability to perform its explicitly disclosed functionality. Although 

the claims are interpreted in light of the specification, limitations from the specification 

are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 

(Fed. Cir. 1993). Furthermore, Examiner does not concede that the Best disclosure can 

simply be assumed to operate at some ill-defined yet sub-par performance level, if only 
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because one of ordinary skill in the art would know that a co-processor (or co- 
processing unit, as disclosed in Best's hybrid microprocessor arrangement) would by 
design perform its specialized tasks better than the conventional microprocessor 
component whose functionality the co-processor was intended to augment. In any 
case, taking Applicant's argument that "Best does not address any performance 
attributes whatsoever" at face value. Examiner fails to see how it would necessarily 
follow that the performance of the Best invention is poor. 
Applicant further argues, 

Furthermore, Applicant disagrees with the Examiner's assertion that a hybrid circuit on a 
ceramic substrate consisting of two separate devices would lead one skilled in the art to 
combine Kessler's cryptographic coprocessor and Best's deciphering circuit to yield that 
microprocessor according to the present invention as recited in claims 1 and 56. This is 
because combining Kessler's cryptographic coprocessor and Best's deciphering circuit 
would yield, at best, a hybrid circuit that is capable of executing enciphered versions of 
Kessler's security primitives. Consequently, Applicant respectfully disagrees with the 
Examiner's assertions that a combination of Kessler and Best would yield that which is 
recited in claims 1 and 56. Although hybrid devices are admittedly prior art, a hybrid 
circuit as noted above is all that can be inferred from a combination of Kessler and Best. 
But the microprocessor as recited in claims 1 and 56 executes an application program 
having a cryptographic instruction therein that prescribes one of a plurality of 
cryptographic operations. Kessler in combination with Best lacks such an instruction. 

Examiner disagrees with Applicant's analysis, as Examiner respectfully submits 

that Applicant has misunderstood the purpose of the combination. Although at first 

glance it would appear that the Kessler and Best cryptographic units would appear to be 

reserved for different applications of cryptography, this fails to consider the possibility 

that there would exist overlap between the two systems. Specifically, Kessler discloses 

wherein that cryptographic processor is primarily used to encrypt and decrypt network 

communications, via SSL in a preferred embodiment (e.g. col. 4, lines 1-10; col. 6, lines 

55-67) while Best discloses a cryptographic unit intended to decrypt encrypted 
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programs (e.g. col. 3, lines 35-40) much as Applicant has observed; however, what 
Applicant has failed to consider is the possibility that one may transfer programs or 
executable code via a SSL connection for execution on the recipient computing device. 
The prior art is replete with examples where this is well known, such as disclosed in 
references like U.S. Patent Application 2003/0187666 (paragraph 0083), U.S. Patent 
Application 2001/0014158 (paragraphs 0037 & 0047), and U.S. Patent 6,715,084 (col. 
1 1 , lines 25-40), each of which disclose with varying detail that all manner of executable 
programs such as printer drivers, authentication software, Java programs and applets, 
and other executable code intended for immediate or near-immediate execution are 
obtained via an SSL connection, where simply by virtue of the fact that SSL connections 
are encrypted the received executable code would necessarily need to be decrypted 
before they can be run. Under these circumstances, it can thus be seen that the 
Kessler cryptographic unit possesses an overlap, if not a proper superset, of the 
functionality of Best's cryptographic unit, and the substitution of Kessler's coprocessor 
for Best's in Best's hybrid microprocessor embodiment would thus have yielded 
predictable results to one of ordinary skill in the art. It is additionally noted that the 
claimed invention merely recites a microprocessor [or an apparatus comprising same] 
with a dedicated cryptographic unit, but comprises no limitations that would teach away 
from the combination discussed supra. 

It is additionally noted that although the rejections have been presented as 
modifying the Kessler invention in accordance with the Best disclosure, the courts have 
held that the order in which the references are applied does not matter: In re Bush, 296 
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F.26 491, 496 (CCPA 1961) and In re Cook, 372 F.2d 563 (CCPA 1967). Accordingly, 
the rejections could just as easily be construed as modifying the Best invention through 
substitution of the Kessler cryptographic processor in lieu of Best's own equivalent, for 
substantially similar reasons as discussed supra. 

Claim Rejections - 35 USC § 103 

4. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

5. Any invocations of Official Notice from the previous Office Action that were not 
explicitly traversed in the amendment of 9/4/08 are now taken as Applicant admissions 
of prior art, as provided by MPEP 2144.03(c). 

6. Claims 1-6, 1 1, 12, 24, 25, 27, 56-60, 66, and 79-83 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Kessler et al. (U.S. Patent 6,789,147) in view of Best 
(U.S. Patent 4,278,837). 

Regarding claim 1 : 

Kessler discloses a processor apparatus for performing a cryptographic 
operation, the apparatus comprising: fetch logic, configured to fetch an Instruction flow 
from memory for execution by a processor (col. 4, line 59 - col. 5, line 36), said 
instruction flow comprising an instruction, configured to direct said processor to perform 
the cryptographic operation (col. 4, lines 10-16; col. 5, lines 29-36; Figure 7), wherein 
said cryptographic instruction prescribes one of the cryptographic operations (Figure 3); 
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said cryptographic operation comprising: an opcode field, configured to prescribe that 
the circuit accomplish the cryptographic operation as further specified within a control 
word stored in a memory (element 302 of Fig. 3; col. 5, lines 37-50); and a repeat prefix 
field, coupled to said opcode field, configured to indicate that the cryptographic 
operation prescribed by the cryptographic instruction is to be accomplished on a 
plurality of blocks of input data (element 310 of Fig.3; col. 5, line 50 - col. 6, line 10); 
and a cryptography unit, disposed within execution logic in said processor, configured to 
execute a plurality of cryptographic rounds on each of a plurality of input text blocks to 
generate a corresponding plurality of output text blocks, wherein said plurality of 
cryptographic rounds are prescribed by said control word (col. 9, lines 7-55); and an 
integer unit, disposed within execution logic in said processor and coupled in parallel 
with said cryptography unit, configured to execute a plurality of integer operations that 
are required to accomplish the cryptographic operation (col. 9, lines 15-20). 

The processor disclosed by Kessler is a coprocessor, which by itself does not 
conform to Applicant's preferred definition of "microprocessor" established in the 
specification. However, Best discloses wherein microprocessors with dedicated 
cryptographic functionality could be employed in an apparatus, wherein said 
microprocessor is a hybrid consisting of a conventional microprocessor and a 
cryptographic coprocessor combined into one single, indivisible microprocessor that 
behaves in exactly the manner as the "microprocessor" of the instant application (col. 
19, lines 20-60; Figures 17 & 18). Additionally, Best clearly discloses wherein the 
microprocessor has a fetch unit disposed within itself configured to fetch an application 
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program from memory by said microprocessor (e.g. col. 6, lines 15-20). The claims are 
thus obvious because the substitution of Kessler's cryptographic coprocessor in lieu of 
the default cryptographic coprocessor already disclosed by Best for use as the 
cryptographic unit of Best's hybrid microprocessor would have yielded predictable 
results to one of ordinary skill in the art by the time of the instant invention. 

Regarding claim 56: 

Kessler discloses an apparatus for performing cryptographic operations, 
comprising: fetch logic, disposed within a processor, configured to fetch an instruction 
flow from memory for execution by a processor by said processor (col. 4, line 59 - col. 
5, line 36), said instruction flow comprising an instruction, configured to direct said 
processor to perform the cryptographic operation (col. 4, lines 10-16; col. 5, lines 29-36; 
Figure 7), wherein said cryptographic instruction prescribes one of the cryptographic 
operations (Figure 3); said cryptographic operation comprising: an opcode field, 
configured to prescribe that the circuit accomplish the cryptographic operation as further 
specified within a control word stored in a memory (element 302 of Fig. 3; col. 5, lines 
37-50); and a repeat prefix field, coupled to said opcode field, configured to Indicate that 
the cryptographic operation prescribed by the cryptographic Instruction Is to be 
accomplished on a plurality of blocks of input data (element 310 of Fig. 3; col. 5, line 50 
- col. 6, line 10); translation logic, disposed within said processor, configured to 
translate said cryptographic instructions into associated micro instructions that specify 
sub operations required to accomplish said one of the cryptographic operation (e.g. col. 
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8, lines 11-16); and a cryptography unit, disposed witliin execution logic in said 
processor, configured to execute a plurality of cryptographic rounds on each of a 
plurality of input text blocks to generate a corresponding plurality of output text blocks, 
wherein said plurality of cryptographic rounds are prescribed by said control word (col. 

9, lines 7-55). 

The processor disclosed by Kessler is a coprocessor, which by itself does not 
conform to Applicant's preferred definition of "microprocessor" established in the 
specification. However, Best discloses wherein microprocessors with dedicated 
cryptographic functionality could be employed in an apparatus, wherein said 
microprocessor is a hybrid consisting of a conventional microprocessor and a 
cryptographic coprocessor combined into one single, indivisible microprocessor that 
behaves in exactly the manner as the "microprocessor" of the instant application (col. 
19, lines 20-60; Figures 17 & 18). Additionally, Best clearly discloses wherein the 
microprocessor has a fetch unit disposed within itself configured to fetch an application 
program from memory by said microprocessor (e.g. col. 6, lines 15-20). The claims are 
thus obvious because the substitution of Kessler's cryptographic coprocessor in lieu of 
the default cryptographic coprocessor already disclosed by Best for use as the 
cryptographic unit of Best's hybrid microprocessor would have yielded predictable 
results to one of ordinary skill in the art by the time of the instant invention. 
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Regarding claims 2 and 83: 

Kessler further discloses wherein the cryptographic operations are accomplished 

at the level of system privileges afforded to application programs (SSL being a 

component of web browser applications: col. 4, lines 5-10). 

Regarding claims 3 and 57: 

Kessler further discloses an encryption operation encrypting a plurality of blocks 
of input data to generate a plurality of ciphertext blocks (e.g. col. 2, lines 13-14 etc.) 

Regarding claims 4 and 58: 

Kessler further discloses an decryption operation decrypting a plurality of blocks 
of input data to generate a plurality of plaintext blocks (Ibid). 

Regarding claims 5 and 59: 

Kessler further discloses using AES (col. 9, lines 13-15; Figure 8, element 807). 
Regarding claims 6 and 60: 

Kessler further discloses a block cipher mode to be employed in accomplishing 
the cryptographic operations (inherent to the block ciphers taught in col. 9, lines 10-20). 

Regarding claim 1 1 : 

Kessler further discloses wherein the instruction proscribes that the cryptographic 
operations be accomplished on a plurality of text blocks (Figure 7) 
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Regarding claims 12 and 66: 

It is now taken as an admission of prior art that the "prior art microprocessor" 
component of the hybrid microprocessor disclosed by Best would be an x86 processor, 
with instructions prescribed in the x86 instruction format. 

Regarding claims 24 and 79: 

Kessler further discloses block cipher logic, configured to perform a plurality of 
cryptographic rounds on each of said plurality of blocks of input data according to said 
one of the block cryptographic operations to produce said corresponding plurality of 
output text blocks (col. 9, lines 7-44); and key RAM, operatively coupled to said block 
cipher logic, configured to store a key schedule, said key schedule comprising a 
plurality of round keys, each corresponding to a plurality of cryptographic rounds, and 
configured to provide each of said plurality of round keys to said block cipher logic for 
performance of said each of said plurality of cryptographic rounds (col. 9, lines 23-55). 

Regarding claims 25 and 80: 

Kessler further discloses wherein said block cipher logic id divided into two or 
more stages, whereby said plurality of cryptographic rounds are simultaneously 
performed on two or more of said plurality of blocks of data (inherent to at least the AES 
and 3DES algorithms disclosed on col. 9, lines 10-20). 
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Regarding claims 27 and 82: 

Kessler further discloses wherein said opcode field directs said cryptography unit 
to load one of said each of said plurality of input text blocks and to perform said plurality 
of cryptographic rounds (col. 5, lines 40-50). 

Regarding claim 81: 

Kessler further discloses an integer unit, coupled in parallel with said 
cryptography unit, configured to execute a plurality of integer operations that are 
required to accomplish the cryptographic operations (arithmetic unit: col. 9, lines 15-20). 

7. Claims 7-10 and 61-64 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kessler in view of Best as applied to claims 6 and 60 above, and 
further in view of the "Applied Cryptography, 2"^^ Edition" (hereinafter, "Schneier"). 

Regarding claims 7-10 and 61-64: 

Although Kessler and Best both disclose using block cipher modes for at least 
some of the supported encryption algorithms, they do not explicitly mention any of the 
modes listed in these claims. However, Schneier teaches that each mode (EGB, CBC, 
CFB, and OFB) were well known in the art (pages 193-206); accordingly, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to use 
any of these modes in the cryptographic processor disclosed by Kessler, let alone the 
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hybrid of Best modified by Kessler; eacli mode has its own particular advantages as 
disclosed by Schneier (page 209, as appropriate). 

8. Claims 13-22 and 67-76 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kessler as applied to claims 1 and 56 above, and further in view of 
Johns-Vano et al. (U.S. Patent 6,026,490) 

Regarding claims 13 and 67: 

Although Kessler and Best both disclose at least one register (Kessler: element 
220 of Figure 2; Best: col. 5, lines 35-50 and Figures 8 & 9), it is unclear as to whether 
the instruction implicitly references a plurality of registers in the device. However, 
Johns-Vano discloses that the instruction set of a cryptographic processor implicitly 
references a plurality of internal registers (elements 558, 560, 564, 552, 566, and 556 of 
Figure 1 ). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made for a cryptographic processor to employ a plurality of 
registers. One would do so because using hardware registers would be conducive to 
making a cryptographic processing engine suitable for manufacture in semiconductor 
foundries thereby reducing manufacturing costs (col. 2, lines 28-33). 

Regarding claims 14 and 68: 

Johns-Vano further discloses a first register, wherein contents of said first 
register comprise a pointer to a first memory address, said first memory address 
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specifying a first location in said memory for access of a plurality of input text blocks 
upon which the cryptographic operations is to be accomplished (col. 5, lines 1-55). 

Regarding claims 15 and 69: 

Johns-Vano further discloses a second register, wherein contents of said second 
register comprise a second pointer to a second memory address, said second memory 
address specifying a second location in said memory for storage of a corresponding 
plurality of output text blocks, said corresponding plurality of output text blocks being 
generated as a result of accomplishing the cryptographic operations upon a plurality of 
input text blocks (col. 5, lines 1-55). 

Regarding claims 16 and 70: 

Johns-Vano further discloses a third register, wherein contents of said third 
register indicate a number of text blocks within a plurality of input text blocks (col. 5, 
lines 1-55). 

Regarding claims 1 7 and 71 : 

Johns-Vano further discloses a fourth register, wherein contents of said fourth 
register comprise a third pointer to a third memory address, said third memory address 
specifying a third location in said memory for access to cryptographic key data for use in 
accomplishing the cryptographic operations (col. 5, lines 1-55). 
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Regarding claims 18 and 72: 

Kessler and Johns-Vano further disclose wherein said cryptographic key data 
comprises a cryptographic key (Kessler: col. 6, lines 40-50; Johns-Vano: col. 7: 1-5). 

Regarding claims 19 and 73: 

Kessler further discloses wherein said cryptographic key data comprises a 
cryptographic key schedule (inherent to the algorithms used in col. 9, lines 10-20). 

Regarding claims 20 and 74: 

Johns-Vano further discloses a fifth register, wherein contents of said fifth 
register comprise a fourth pointer to a fourth memory address, said fourth memory 
address specifying a fourth location in said memory for access of an initialization vector 
for use in accomplishing the cryptographic operations (col. 5, lines 1-55). 

Regarding claims 21 and 75: 

Johns-Vano further discloses a sixth register, wherein contents of said sixth 
register comprise a fifth pointer to a fifth memory address, said fifth memory address 
specifying a fifth location in said memory for access of said control word for use in 
accomplishing the cryptographic operations, wherein said control word prescribes 
cryptographic parameters for cryptographic operations (col. 5, lines 1-55). 
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Regarding claims 22 and 76: 

Kessler further discloses an encryption/decryption field, configured to prescribe 
whether the cryptographic operation is an encryption operation or a decryption 
operation (col. 5, lines 50-60). 

Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas Gyorfi whose telephone number is (571)272- 
3849. The examiner can normally be reached on 8:30am - 5:00pm Monday - Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571 ) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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11/10/08 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 


